Re: authenticating through a router

Date: 11/01/01

Subject: Re: authenticating through a router
To:, "k0tu (AISec)" <>
Date: Thu, 1 Nov 2001 15:28:25 -0500
Message-ID: <>

That's exactly what you want to do , outside of buying two devices which
would then create the tunnel (basically a firewall - bastion box). Off the
top of my head I can't think of a package, I'm sure they exist thought.
You'll basically want to create an ipsec tunnel between the two devices,
then route to the hardened Linux box based a packets destination. I'm sure
others, or Google could help you find a package.

Shawn Harris
PM Store Communications
TJX, Co.

"k0tu (AISec)" <> on 10/31/2001 08:30:38 PM


Subject: authenticating through a router

probably a pretty basic question...

i just want to gather others' suggestions for the best way to authenticate
users between 2 sites connected by a dedicated T1. All internal private
addressing is being used...

each site has their own internet access.

DHCP is being used on both internal networks. So if ACL's are used to allow
certain IP's through, we'll probably run into "lease" issues. (static
"trusted" machines is an option, i guess.)

besides having the usual ACL's on the router(s)...after they hit the
how could I authenticate users at the gateway, and continue on into the
remote network? Both networks are Windows 2000. (Trusting both domains
also be an option, i guess ;) But that would be 2 domains. Can users from
one domain use the same credentials on the "dedicated" domain, if they were
added as users with the same passwords that exist on the already existing

To make a difficult long scenario short....

Is there any software I could put on a hardened linux box, that could do
user authentication?

Any suggestions would be appreciated...thnx.


Get your FREE download of MSN Explorer at